Merge branch 'master' of https://github.com/bachy/debian-lamp

2015-03-13 00:11:14 +01:00 · 2015-03-13 00:11:14 +01:00 · 0b14c4b078
commit 0b14c4b078
parent 2d25a45a65 c4595ff9cf
2 changed files with 28 additions and 13 deletions
--- a/assets/default_knockd
+++ b/assets/default_knockd
@ -0,0 +1,15 @@
+################################################
+#
+# knockd's default file, for generic sys config
+#
+################################################
+
+# control if we start knockd at init or not
+# 1 = start
+# anything else = don't start
+#
+# PLEASE EDIT /etc/knockd.conf BEFORE ENABLING
+START_KNOCKD=0
+
+# command line options
+#KNOCKD_OPTS="-i eth1"
--- a/assets/knockd.conf
+++ b/assets/knockd.conf
@ -1,15 +1,15 @@
-################################################
-#
-# knockd's default file, for generic sys config
-#
-################################################
+[options]
+	UseSyslog

-# control if we start knockd at init or not
-# 1 = start
-# anything else = don't start
-#
-# PLEASE EDIT /etc/knockd.conf BEFORE ENABLING
-START_KNOCKD=0
+[openSSH]
+	sequence    = 7000,8000,9000
+	seq_timeout = 5
+	command     = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
+	tcpflags    = syn
+
+[closeSSH]
+	sequence    = 9000,8000,7000
+	seq_timeout = 5
+	command     = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
+	tcpflags    = syn

-# command line options
-#KNOCKD_OPTS="-i eth1"